<?php
if (! defined ( "IICCMS" ))
	exit ( "Access Denied" );
class LoginAction extends BaseAction {
	
	function _initialize() {
		parent::_initialize ();
		$this->dao = M ( 'User' );
		$this->assign ( 'bcid', 0 );
	}
	public function index() {
		if ($this->_userid) {
			$forward = $_POST ['forward'] ? $_POST ['forward'] : $this->forward;
			$this->assign ( 'jumpUrl', $forward );
			$this->success ( L ( 'login_ok' ) );
		}
		
		$this->display ();
	}
	
	public function dologin() {
		
		$username = trim ( $_POST ['username'] );
		$password = trim ( $_POST ['password'] );
		$verifyCode = trim ( $_POST ['verifyCode'] );
		
		if (empty ( $username ) || empty ( $password )) {
			$this->error ( L ( 'empty_username_empty_password' ) );
		}
		
		if ($this->Config ['user_login_verify'] && md5 ( $verifyCode ) != $_SESSION ['verify']) {
			$this->error ( L ( 'error_verify' ) );
		}
		$condition = array ();
		$condition ['username'] = $username;
		$authInfo = $this->dao->where ( $condition )->find ();
		if (false === $authInfo) {
			$this->error ( L ( 'empty_userid' ) );
		} else {
			if ($authInfo ['password'] != sysmd5 ( $_POST ['password'] )) {
				$this->error ( L ( 'password_error' ) );
			}
			if (! isset ( $cookietime )) {
				$get_cookietime = cookie ( 'cookietime' );
			}
			$_cookietime = $cookietime ? intval ( $cookietime ) : ($get_cookietime ? $get_cookietime : 0);
			$cookietime = $_cookietime ? TIME + $_cookietime : 0;
			$domain = str_replace ( 'http://', '', $this->config ['site_url'] );
			
			//list($userid, $password) = explode("-", sys_auth($phpcms_auth, 'DECODE', $auth_key));
			

			$yourphp_auth_key = sysmd5 ( $this->sysConfig ['ADMIN_ACCESS'] . $_SERVER ['HTTP_USER_AGENT'] );
			$yourphp_auth = authcode ( $authInfo ['id'] . "-" . $authInfo ['groupid'] . "-" . $authInfo ['password'], 'ENCODE', $yourphp_auth_key );
			//dump($authInfo ['id'] . "-" . $authInfo ['groupid'] . "-" . $authInfo ['password'], 'ENCODE', $yourphp_auth_key );
//			dump($authInfo ['id'] . "-" . $authInfo ['groupid'] . "-" . $authInfo ['password']);
//			dump(explode("-", authcode($_COOKIE['IIC_auth'], 'DECODE', $yourphp_auth_key)));
			
			cookie ( 'auth', $yourphp_auth, 'prefix=IIC_&expire=' . $cookietime . '&domain=' . $domain );
			cookie ( 'username', $authInfo ['username'], 'prefix=IIC_&expire=' . $cookietime . '&domain=' . $domain );
			cookie ( 'groupid', $authInfo ['groupid'], 'prefix=IIC_&expire=' . $cookietime . '&domain=' . $domain );
			cookie ( 'userid', $authInfo ['id'], 'prefix=IIC_&expire=' . $cookietime . '&domain=' . $domain );
			cookie ( 'email', $authInfo ['email'], 'prefix=IIC_&expire=' . $cookietime . '&domain=' . $domain );
			cookie ( 'cookietime', $_cookietime, 'prefix=IIC_&expire=' . $cookietime . '&domain=' . $domain );
			
			$dao = M ( 'User' );
			$data = array ();
			$data ['id'] = $authInfo ['id'];
			$data ['last_logintime'] = time ();
			$data ['last_ip'] = get_client_ip ();
			$data ['login_count'] = array ('exp', 'login_count+1' );
			$dao->save ( $data );
			
			$forward = $_POST ['forward'] ? $_POST ['forward'] : $this->forward;
			$this->assign ( 'jumpUrl', $forward );
			//dump($_COOKIE);
			$this->success ( L ( 'login_ok' ) );
		
		}
	
	}
	
	public function getpass() {
		$this->display ();
	}
	
	public function verify() {
		$type = isset ( $_GET ['type'] ) ? $_GET ['type'] : 'gif';
		import ( "@.ORG.Image" );
		Image::buildImageVerify ( 4, 1, $type );
	}
	
	public function logout() {
		if ($this->_userid) {
			cookie ( null, 'IIC_' );
			$this->assign ( 'jumpUrl', $this->forward );
			$this->success ( L ( 'loginouted' ) );
		} else {
			$this->assign ( 'jumpUrl', $this->forward );
			$this->error ( L ( 'logined' ) );
		}
	}
}
?>